Black Arrow Cyber Threat Intelligence Briefing 17 April 2026
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
In our threat intelligence briefing last week, we described how Anthropic’s new AI model had identified thousands of new serious vulnerabilities in major operating systems and ways to exploit them; this week, we include details of how the UK financial regulators are working to quickly address these AI developments with similar activity in other countries. We also report on how the adoption of AI by organisations themselves has increased the need for business leaders to strengthen their understanding and management of the associated risks.
We include details this week of how AI and other attacker tactics have increased risks such as inbox compromise, ransomware and other destructive attacks. Our advice on how business leaders should manage the risks remains fundamentally unchanged. Leadership should gain a strong understanding of cyber risks from impartial experts, so that they can lead the conversation on risk management with their control providers, using proportionate controls underpinned by credible governance. The focus is not just on security, to reduce the probability of a successful attack, but also on resilience to withstand a successful attack when it happens. Contact us to discuss a suitable approach to achieve this.
Top Cyber Stories of the Last Week
UK Financial Regulators Rush to Assess Risks of Anthropic’s Latest AI Model, FT Reports
UK financial regulators are urgently assessing the cyber security implications of a new artificial intelligence model after claims it identified thousands of serious weaknesses across widely used software, including operating systems and web browsers. The Bank of England, the Financial Conduct Authority, HM Treasury and the National Cyber Security Centre are working with major banks, insurers and exchanges to understand whether the model could expose risks in critical systems. The move reflects growing concern that advanced AI could strengthen cyber defence, but also increase the risk of more effective cyber attacks.
AI Adoption Is Outpacing the Safeguards Around It
AI is being adopted faster than the safeguards around it, creating new risks for organisations. Reported AI related incidents rose from 233 in 2024 to 362 in 2025, while separate monitoring showed monthly cases reaching 435 at the start of 2026. At the same time, major AI providers are giving less visibility into how their systems are built and tested, with transparency scores falling from 58 to 40 in a year. This leaves organisations relying more on their own testing, monitoring and supplier controls to manage systems whose behaviour can be harder to predict than traditional software.
https://www.helpnetsecurity.com/2026/04/14/ai-adoption-safety-transparency-report/
PwC: Cyber Security Risk Outpaces Corporate Ability to Manage
PwC’s latest survey of more than 600 US executives shows cyber security is a board-level business risk that most organisations do not feel equipped to deal with. While 60% rank it among their top three risks, only 6% say they can manage it effectively. The report also found 68% see cyber-attacks as a moderate or serious threat, while 38% have increased spending on technology and artificial intelligence since January 2025. Despite this investment, many firms remain on the back foot as fast-changing regulation and rapid advances in AI make threats harder to manage.
https://www.inforisktoday.com/pwc-cybersecurity-risk-outpaces-corporate-ability-to-manage-a-31405
New VENOM Phishing Attacks Steal Senior Executives’ Microsoft Logins
A previously undocumented phishing‑as‑a‑service platform known as VENOM is targeting C‑suite executives through highly personalised emails designed to look like internal Microsoft SharePoint messages. The campaign uses QR codes to move victims onto mobile devices, where attackers relay the victim’s login and multi‑factor authentication process to Microsoft in real time, allowing them to capture credentials and active session tokens. Active since at least November, VENOM appears closed to wider criminal use, limiting its visibility. The activity highlights how senior leadership accounts are being deliberately singled out using sophisticated, identity‑focused phishing techniques.
Beyond Wipers: Iran-Backed Cyber Attacks and the Threat to Businesses
Iran-linked cyber activity is posing a growing risk to UK and US organisations, particularly those in finance, healthcare, energy, transport and critical services. One recent attack reportedly disrupted a global medical technology firm and claimed to have wiped more than 200,000 devices using a legitimate remote management tool. Researchers have tracked 5,800 attacks from 50 Iran-linked groups. While the US faces the greatest direct exposure, UK businesses remain vulnerable through supply chains and cloud-based services. Business leaders should ensure foundational controls are in place, including patching systems, enforcing MFA, reviewing privileged access, maintaining resilient backups and having incident response plans ready.
Wiz: 80% of Cloud Breaches Are Caused by Basic Mistakes
Researchers report that 80% of cloud breaches in 2025 stemmed from basic mistakes such as poor system configuration, weak handling of passwords and access keys, and gaps in user security. 53% of malicious activity that occurred before an attack involved reconnaissance, where criminals quietly map systems and test access. Rapid AI adoption is widening the number of possible entry points, while attackers are also using AI to speed up phishing, automate tasks and scale operations. To address this, business leaders should focus on visibility of the organisation’s externally reachable assets, identities and attack paths, while reinforcing basic security hygiene.
Ransomware Lives On, Blending Hacktivism and Crime, Fuelled by AI
Ransomware continues to evolve despite law enforcement disruption, with groups adopting more aggressive extortion tactics and increasingly blending criminal and political motives. Artificial intelligence is being used to generate malicious code, improve social engineering and scale operations, lowering the barrier for less‑skilled actors. In 2025, ransomware groups extorted more than $724 million in cryptocurrency, highlighting the profitability of the model. Hybrid ransomware and hacktivist groups are also using ransomware tools for ideological impact alongside traditional financial extortion. Business leaders should ensure strong control over user identities and privileges, as ransomware and extortion attacks are only as effective as the access they are able to obtain.
Security Leaders Overconfident About Ransomware Recovery
Many organisations are overconfident about their ability to recover from ransomware. Research shows that while 90% of security leaders believe they can restore operations quickly, only 28% fully recover their data after an attack. On average, just 72% of affected data is restored, with many organisations still facing data loss, downtime and business disruption. The report also found that more than 40% of organisations hit by cyber incidents suffered customer disruption or financial loss. Rapid adoption of artificial intelligence is adding further risk, with 43% saying it is advancing faster than their ability to secure it.
https://www.itpro.com/security/security-leaders-overconfident-about-ransomware-recovery
‘It’s More Common Than You Think’: Experts Reveal How Hackers Are Trying to Hijack Your Inbox with These Clever Tactics
Proofpoint has warned that criminals are increasingly abusing a legitimate email feature called inbox rules to quietly maintain access to compromised accounts. These automated settings can hide security alerts, forward sensitive messages, and mark emails as read, allowing attackers to monitor communications and impersonate victims without drawing attention. In the final quarter of 2025, around 10% of breached accounts had a malicious rule created within seconds of the initial compromise. Senior leaders, finance teams and other outward-facing roles remain particularly attractive targets for this type of cyber attack.
From Awareness to Action: Closing the Human Risk Gap in Cyber Security
Human behaviour is one of the biggest drivers of cyber security incidents, yet most organisations are still not responding effectively. Mimecast reports that 96% of those surveyed believe their defences against people being deceived or misusing access are incomplete. Attacks are rising across email, messaging and collaboration tools, with 53% reporting more phishing, 48% more email fraud and 45% more attacks through workplace platforms. The report also found that just 8% of users account for 80% of incidents, highlighting the value of better oversight, targeted training and joined-up security controls.
How the Enterprise Supply Chain Has Created a Global Attack Surface
Modern organisations now face growing cyber security risk through their suppliers, not just their own systems. As businesses rely on more cloud services, software providers and outsourced partners, each relationship can create a route into sensitive data or critical operations. Recent disruption linked to the war in Ukraine showed how problems in one region can affect organisations far beyond it through indirect supplier connections. The most effective response is a practical one: focus greatest scrutiny on high-risk suppliers with access to important systems or data, and build security checks into procurement and access decisions from the start.
UK Reliance on US Big Tech Companies Is ‘National Security Risk’, Claims Report
A report backed by MPs warns that the UK’s heavy dependence on a small number of US technology providers for data centres, software and other critical digital services could become a national security risk. It argues that political tensions could disrupt essential services, while limited competition may also be driving up public sector cloud costs by as much as £500 million a year. The report calls for greater investment in UK-based providers, open standards and open-source software (publicly available code that organisations can inspect and adapt), to improve resilience, reduce lock-in and support innovation.
The Most Important Cyber Security Trends in 2026 So Far
Cyber security trends in early 2026 centre on artificial intelligence, ransomware and nation‑state attacks. AI is being used to detect threats and understand sensitive data environments, while at the same time attackers use it to scale phishing, social engineering and deepfake attacks. Identity and access management remains vulnerable where credentials are compromised, or insider threats occur. Ransomware continues to evolve, with some attacks focused on encrypting or wiping systems to disrupt operations. Business leaders should ensure their data is identified and protected wherever it is stored or accessed, apply clear classification, and scrutinise third‑party software and suppliers.
https://securityboulevard.com/2026/04/the-most-important-cybersecurity-trends-in-2026-so-far/
Governance, Risk and Compliance
PwC: Cybersecurity Risk Outpaces Corporate Ability to Manage
Businesses are paying the price for CISO burnout | Computer Weekly
The Most Important Cybersecurity Trends in 2026 So Far - Security Boulevard
Only a third of cybersecurity professionals plan to stay in their current role - BetaNews
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
Threats
Ransomware, Extortion and Destructive Attacks
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month - Infosecurity Magazine
Ransomware Lives On, Blending Hacktivism and Crime, Fueled by AI - Security Boulevard
Ransomware Groups Are Actively Disabling Your EDR Before You Even Know It - Security Boulevard
Security leaders overconfident about ransomware recovery | IT Pro
Ransomware scum, other crims exploit 4 old Microsoft bugs • The Register
Emulating the Persuasive NightSpire Ransomware - Security Boulevard
0APT ransomware gang extorts Krybit amid doxxing threat • The Register
Pay up for ransomware and they’ll be back for more - BetaNews
Crypto-exchange Kraken extorted by hackers after insider breach
Ransomware and Destructive Attack Victims
Beyond wipers: Iran-backed cyber attacks and the threat to businesses | IT Pro
Stolen Rockstar Games analytics data leaked by extortion gang
Hackers threaten to leak over 9M Amtrak records, including personal info | Cybernews
McGraw-Hill confirms data breach following extortion threat
Hallmark data breach escalates as hackers leak and sell customer records | Cybernews
All jobs lost as Scottish company forced into liquidation after cyber attack | The National
6-Year Ransomware Campaign Targets Turkish Homes & SMBs
Teenaged Boy Arrested After NI Schools Hacked | Silicon UK Tech
U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026 | Trend Micro (US)
Phishing & Email Based Attacks
New VENOM phishing attacks steal senior executives' Microsoft logins
Poisoned "Office 365" search results lead to stolen paychecks - Help Net Security
Global phishing war targets smartphones in massive hack-for-hire espionage campaign - Times Kuwait
Other Social Engineering
From awareness to action: Closing the human risk gap in cybersecurity | resource | SC Media
Poisoned "Office 365" search results lead to stolen paychecks - Help Net Security
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
ClickFix campaign delivers Mac malware via fake Apple page - Help Net Security
AML/CFT/Money Laundering/Terrorist Financing/Sanctions
Triad Nexus Expands Global Fraud Operations Despite US Sanctions - Infosecurity Magazine
Major Scam Network Triad Nexus Adapts Operations to Avoid U.S. Scrutiny - Security Boulevard
Artificial Intelligence
AI cyber threats: open letter to business leaders (HTML) - GOV.UK
Financial services regulators assess risks from Anthropic’s new AI model - FStech
The 'Vulnpocalypse': Why experts fear AI could tip the scales toward hackers
UK gov's Mythos AI tests help separate cybersecurity threat from hype - Ars Technica
Anthropic’s Mythos finds software flaws faster than companies can fix them | Fortune
Anthropic’s Mythos signals a structural cybersecurity shift | CSO Online
Ransomware Lives On, Blending Hacktivism and Crime, Fueled by AI - Security Boulevard
AI adoption is outpacing the safeguards around it - Help Net Security
The exploit gap is closing, and your patch cycle wasn't built for this - Help Net Security
AI and Cryptocurrency Scams are Costing Americans Billions, FBI Reports
How the explosion in machine identities is changing cyber defense | IT Pro
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
CEOs are embracing AI agents as cyber risks grow | Semafor
Apple Intelligence AI Guardrails Bypassed in New Attack - SecurityWeek
Rethinking Insider Risk in the Age of AI and Autonomy - Silicon UK Expert Advice
What AI-Driven Attack Chains Mean for CFOs and CISOs
China Cracking Down on the Types of AI That Are Tearing America Apart
43% of AI-generated code changes need debugging in production, survey finds | VentureBeat
Enterprises are using AI for security but less than a third fully trust it - BetaNews
Bots/Botnets
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Careers, Roles, Skills, Working in Cyber and Information Security
Businesses are paying the price for CISO burnout | Computer Weekly
Only a third of cybersecurity professionals plan to stay in their current role - BetaNews
CISOs Urged to Innovate in Talent Retention as Job Satisfaction Declin - Infosecurity Magazine
UK Cyber Security Council Launches Associate Cyber Security Profession - Infosecurity Magazine
Cloud/SaaS
APT41 Delivers 'Undetectable' Backdoor to Steal Cloud Credentials
Wiz: 80% of cloud breaches are caused by basic mistakes | IT Pro
Microsoft 365 Tenant Security: How to Stay in Control of Your Data - Infosecurity Magazine
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
AI and Cryptocurrency Scams are Costing Americans Billions, FBI Reports
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials
Over 20,000 crypto fraud victims identified in international crackdown
French cops free mother and son after crypto kidnapping • The Register
U.S. Treasury enlists crypto in national cyber defense push as digital asset hacks rise
Crypto-exchange Kraken extorted by hackers after insider breach
$12 million frozen, 20,000 victims identified in crypto scam crackdown - Help Net Security
Cyber Crime, Organised Crime & Criminal Actors
Ransomware Lives On, Blending Hacktivism and Crime, Fueled by AI - Security Boulevard
French cops free mother and son after crypto kidnapping • The Register
W3LL phishing service sold for $500 dismantled by the FBI - Help Net Security
Triad Nexus Expands Global Fraud Operations Despite US Sanctions - Infosecurity Magazine
Cybercriminal responsible for PowerSchool breach speaks out
Hacker Unknown now known, named on Europol’s most-wanted list | CSO Online
Data Breaches/Leaks
108 Chrome Extensions Linked to Data Exfiltration and Sessio...
Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch
Over 100 Chrome extensions caught stealing Google and Telegram data: How to stay safe? | Mint
LiteLLM Supply Chain Attack Exposes Millions To Credential Theft
Hackers threaten to leak over 9M Amtrak records, including personal info | Cybernews
McGraw-Hill confirms data breach following extortion threat
Hallmark data breach escalates as hackers leak and sell customer records | Cybernews
300,000 People Impacted by Eurail Data Breach - SecurityWeek
Hims Breach Exposes the Most Sensitive Kinds of PHI
European Gym giant Basic-Fit data breach affects 1 million members
Nightclub Giant RCI Hospitality Reports Data Breach - SecurityWeek
Europe's Largest Gym Chain Says Data Breach Impacts 1 Million Members - SecurityWeek
Stolen Rockstar Games analytics data leaked by extortion gang
Hungary officials used weak passwords exposed in breach dump • The Register
Data Protection
Health insurance lead sites sell personal data within seconds of form submission - Help Net Security
Data/Digital Sovereignty
UK reliance on US big tech companies is ‘national security risk’, claims report | Computer Weekly
France to ditch Windows for Linux to reduce reliance on US tech | TechCrunch
Denial of Service/DoS/DDoS
Orgs Must Test Networks to Handle DDoS Attacks During Peak Loads
Cybercriminals are increasingly attacking digital services
Encryption
Why is the timeline to quantum-proof everything constantly shrinking? | CyberScoop
Preparing for 'Q-Day': Why Quantum Risk Management Is a Must
WhatsApp's 'End-to-End Encryption by Default' Claim Called Major Consumer Fraud by Pavel Durov
Fraud, Scams and Financial Crime
AI and Cryptocurrency Scams are Costing Americans Billions, FBI Reports
Over 20,000 crypto fraud victims identified in international crackdown
Triad Nexus Expands Global Fraud Operations Despite US Sanctions - Infosecurity Magazine
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Beyond wipers: Iran-backed cyber attacks and the threat to businesses | IT Pro
$12 million frozen, 20,000 victims identified in crypto scam crackdown - Help Net Security
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
Identity and Access Management
How the explosion in machine identities is changing cyber defense | IT Pro
Your Next Breach Will Look Like Business as Usual
Insider Risk and Insider Threats
Crypto-exchange Kraken extorted by hackers after insider breach
From awareness to action: Closing the human risk gap in cybersecurity | resource | SC Media
Rethinking Insider Risk in the Age of AI and Autonomy - Silicon UK Expert Advice
The Quiet Revolt: What The World Happiness Report 2026 Tells Security Professionals
Internet of Things – IoT
The Tech Of The Iran War: Hacking Traffic Cameras & Cyberpunk Surveillance Ops
Law Enforcement Action and Take Downs
Teenaged Boy Arrested After NI Schools Hacked | Silicon UK Tech
$12 million frozen, 20,000 victims identified in crypto scam crackdown - Help Net Security
Hacker Unknown now known, named on Europol’s most-wanted list | CSO Online
Linux and Open Source
France to ditch Windows for Linux to reduce reliance on US tech | TechCrunch
Distributed Risk: Open-Source Software as Strategic Infrastructure | Geopolitical Monitor
Microsoft locks out top open source devs, blames process • The Register
Malvertising
Poisoned "Office 365" search results lead to stolen paychecks - Help Net Security
'Harmless' Global Adware Transforms Into an AV Killer
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Signed software abused to deploy antivirus-killing scripts
Malware
'Harmless' Global Adware Transforms Into an AV Killer
APT41 Delivers 'Undetectable' Backdoor to Steal Cloud Credentials
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
Yes, you can get malware just by visiting a website
Renovate & Dependabot: The New Malware Delivery System - Security Boulevard
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
Signed software abused to deploy antivirus-killing scripts
ClickFix campaign delivers Mac malware via fake Apple page - Help Net Security
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Fake Claude Website Distributes PlugX RAT - SecurityWeek
Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites | TechCrunch
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
New AgingFly malware used in attacks on Ukraine govt, hospitals
Misinformation, Disinformation and Propaganda
War Game Exercise Shows How Social Media Manipulation Works
Mobile
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Users lose $9.5 million to fake Ledger wallet app on the Apple App Store
Global phishing war targets smartphones in massive hack-for-hire espionage campaign - Times Kuwait
WhatsApp's 'End-to-End Encryption by Default' Claim Called Major Consumer Fraud by Pavel Durov
Musk, Durov attack WhatsApp encryption | Cybernews
iPhone forensics expose Signal messages after app removal in U.S. case
Models, Frameworks and Standards
EU cybersecurity standards are at risk if supplier ban passes - Help Net Security
Outages
Kremlin tells Russians internet shutdowns are temporary after crackdown ruffles elite | Reuters
Passwords, Credential Stuffing & Brute Force Attacks
APT41 Delivers 'Undetectable' Backdoor to Steal Cloud Credentials
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials
New VENOM phishing attacks steal senior executives' Microsoft logins
Your Next Breach Will Look Like Business as Usual
Are Rainbow Tables Still Relevant in 2026? - Infosecurity Magazine
Raspberry Pi OS 6.2 disables passwordless sudo by default - Help Net Security
Regulations, Fines and Legislation
AI security officials warn on Anthropic model as Bank to hold meeting
Bessent, Powell Summon Bank CEOs to Urgent Meeting Over Anthropic's New AI Model - Bloomberg
EU cybersecurity standards are at risk if supplier ban passes - Help Net Security
What the EU AI Act requires for AI agent logging - Help Net Security
Netherlands won't ban ransom payments to hackers | Cybernews
The FCC just saved Netgear from its router ban for no obvious reason | The Verge
FCC just handed Netgear a de facto router monopoly in the US
Social Media
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
The Quiet Revolt: What The World Happiness Report 2026 Tells Security Professionals
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
War Game Exercise Shows How Social Media Manipulation Works
BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings - SecurityWeek
Software Supply Chain
CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads - SecurityWeek
Supply Chain and Third Parties
Two different attackers poisoned popular open source tools • The Register
How the enterprise supply chain has created a global attack surface - IT Security Guru
Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch
Google Warns of New Threat Group Targeting BPOs and Helpdesks - Infosecurity Magazine
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Beyond wipers: Iran-backed cyber attacks and the threat to businesses | IT Pro
Do Ceasefires Slow Cyberattacks? History Suggests Not
Cyberattacks, Tariffs, Geopolitics Loom Over Business Executives
The Tech Of The Iran War: Hacking Traffic Cameras & Cyberpunk Surveillance Ops
Global phishing war targets smartphones in massive hack-for-hire espionage campaign - Times Kuwait
We should be more worried about cyber warfare targeting the civilian economy
Cybersecurity in an Age of Geopolitical Fracture
Nation State Actors
U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026 | Trend Micro (US)
China
APT41 Delivers 'Undetectable' Backdoor to Steal Cloud Credentials
U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026 | Trend Micro (US)
China Cracking Down on the Types of AI That Are Tearing America Apart
Russia
Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’ | CyberScoop
Your router may be vulnerable to Russian hackers, FBI warns: 5 steps to take now | ZDNET
Russia's 'Fancy Bear' APT Continues Its Global Onslaught
The cables powering the internet are under the ocean – and under threat | TechSpot
New AgingFly malware used in attacks on Ukraine govt, hospitals
With Russia already 'at war with us', UK must urgently defend key North Sea energy infrastructure
Kremlin tells Russians internet shutdowns are temporary after crackdown ruffles elite | Reuters
Russian-Linked Hackers Breach Emails of the Romanian Army - The Romania Journal
North Korea
Two different attackers poisoned popular open source tools • The Register
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
Iran
Beyond wipers: Iran-backed cyber attacks and the threat to businesses | IT Pro
Do Ceasefires Slow Cyberattacks? History Suggests Not
The Tech Of The Iran War: Hacking Traffic Cameras & Cyberpunk Surveillance Ops
Iran Planning Cyberattack on US Infrastructure, Intelligence Community Warns - The National Interest
Iran-linked group Handala claims to have breached three major UAE organizations
Sweden reports cyberattack attempt on heating plant amid rising energy threats
Industrial Devices Still Vulnerable As Conflicts Move to Cyber
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Ransomware Lives On, Blending Hacktivism and Crime, Fueled by AI - Security Boulevard
Global phishing war targets smartphones in massive hack-for-hire espionage campaign - Times Kuwait
Tools and Controls
Enterprises are using AI for security but less than a third fully trust it - BetaNews
Ransomware Groups Are Actively Disabling Your EDR Before You Even Know It - Security Boulevard
PwC: Cybersecurity Risk Outpaces Corporate Ability to Manage
'Harmless' Global Adware Transforms Into an AV Killer
Microsoft locks out top open source devs, blames process • The Register
From awareness to action: Closing the human risk gap in cybersecurity | resource | SC Media
UK financial regulators rush to assess risks of Anthropic’s latest AI model
Financial services regulators assess risks from Anthropic’s new AI model - FStech
Mythos testing begins as governments raise cyber concerns
The Vuln Surge is Coming. CSA is Telling Us How to Survive It - Security Boulevard
The 'Vulnpocalypse': Why experts fear AI could tip the scales toward hackers
Testing reveals Claude Mythos's offensive capabilities and limits - Help Net Security
Claude Mythos Preview completes full cyberattack simulation for the first time - The New Stack
Anthropic’s Mythos finds software flaws faster than companies can fix them | Fortune
The exploit gap is closing, and your patch cycle wasn't built for this - Help Net Security
Security leaders overconfident about ransomware recovery | IT Pro
How AI is getting better at finding security holes : NPR
Most organizations make a mess of handling digital disruption | IT Pro
Signed software abused to deploy antivirus-killing scripts
Incident response for AI: Same fire, different fuel | Microsoft Security Blog
43% of AI-generated code changes need debugging in production, survey finds | VentureBeat
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Network segmentation projects fail in predictable patterns - Help Net Security
What vibe hunting gets right about AI threat hunting, and where it breaks down - Help Net Security
Other News
Fortinet report: cyberattacks against banks increasing
From Somerset to New York: Why are undersea cables so important? - BBC News
The cables powering the internet are under the ocean – and under threat | TechSpot
Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat - Infosecurity Magazine
Cybercriminals are increasingly attacking digital services
Comms Business - One fifth of telcos' websites wide open to cyber attacks
Healthcare IT under siege: CloudWave is fighting back - SiliconANGLE
The Dumbest Hack of the Year Exposed a Very Real Problem | WIRED
Vulnerability Management
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
AI security officials warn on Anthropic model as Bank to hold meeting
Bessent, Powell Summon Bank CEOs to Urgent Meeting Over Anthropic's New AI Model - Bloomberg
UK financial regulators rush to assess risks of Anthropic’s latest AI model
Mythos testing begins as governments raise cyber concerns
Testing reveals Claude Mythos's offensive capabilities and limits - Help Net Security
The exploit gap is closing, and your patch cycle wasn't built for this - Help Net Security
How AI is getting better at finding security holes : NPR
Vulnerabilities
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
Microsoft drops its second-largest monthly batch of defects on record | CyberScoop
Privilege Elevation Dominates Massive Microsoft Patch Update
Windows BitLocker Vulnerability Allows Attacker to Bypass Security Feature
Cisco says critical Webex Services flaw requires customer action
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Ransomware scum, other crims exploit 4 old Microsoft bugs • The Register
Mac users, update your ChatGPT app immediately: OpenAI issues urgent security warning | Mint
Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000 - SecurityWeek
Juniper Networks Patches Dozens of Junos OS Vulnerabilities - SecurityWeek
Adobe Patches Exploited Zero-Day That Lingered for Months
Adobe Patches 55 Vulnerabilities Across 11 Products - SecurityWeek
Recently leaked Windows zero-days now exploited in attacks
Vindictive hacker drops second Windows Defender exploit | Cybernews
SAP Patches Critical ABAP Vulnerability - SecurityWeek
Critical Fortinet sandbox bugs allow auth bypass and RCE • The Register
OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support - Help Net Security
Attackers target unpatched ShowDoc servers via CVE-2025-0520
DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend - Help Net Security
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Two Vulnerabilities Patched in Ivanti Neurons for ITSM - SecurityWeek
Microsoft: April Windows Server 2025 update may fail to install
Splunk Enterprise Update Patches Code Execution Vulnerability - SecurityWeek
Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Critical flaw in wolfSSL library enables forged certificate use
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to external articles are provided for general interest and awareness only. Linking to or reposting external content does not constitute endorsement of or by any organisation, service, or product. We do not control and are not responsible for the content, security, or availability of external websites or links. Full credit is given to the original authors and sources. E&OE.